sameer shinde wrote:
Hi All,
We are using squid along with squidguard to block the websites.
Now due to company policy we've blocked all the emial sites with
squidguard blacklist,
wherein we've also blocked gmail.google.com
Now, our company has purchesed domain name specifice mail address from google.
for example mail.ourdomain.com, wherein if anyone types
mail.ourdomain.com it will be
redirected to ourdoman specific gmail.
The problem here is as squidguard is blocking gmail.google.com and
which is inturn backbehind
mail.ourdomain.com, the users are not able to access that site.
What we want to do now is, we still want to block gmail access, but if
someone goes thru
mail.ourdomain.com, then he should get the access to gmail. How can we
achive this?
Very insecure, but...
acl ourmail_referer referer_regex -i mail\.ourdomain\.com
acl gMail dstdomain .gmail.google.com
http_access allow gMail ourmail_referer
...would allow access to gmail.google.com if the referer header included
the string "mail.ourdomain.com". Be aware, this http_access rule would
allow ANYONE who can access your cache to access mail.google.com by
faking the referer.
Few more bits about our squid. It is configured in non-transperant
mode. i.e. we mannually
provide the proxy to users.
Also its in non-authentication mode. i.e. it does not checks for
username/password.
~~~~~~~~~~~~~~
Sameer Shinde.
M:- +91 98204 61580
Millions saw the apple fall, but Newton was the one who asked why.
Chris
